0

I am trying to mess around with a side project i have been meaning to complete for some time now and only just got back into it - Only remembering why i got over it in the first place.

I have created a login system connected to my access Database. All the logins work perfectly however each login has a given security level which should give them access to certain buttons/controls based on their level. I only have 2 levels at the moment - 5 and 10. If a user is assign access level 5 then it will take them to the main form where certain buttons/controls will not be accessable to them (Either not be there OR greyed out). If a user assigned with the access level 10 signs in, it will direct them to the main form where ALL buttons/controls will be accessable to them.

I have tried the below however it doesnt matter what acceess level i have assigned the user, It still gives all users access to use all buttons/controls.

using System;
using System.Data;
using System.Windows.Forms;
using System.Data.SqlClient;
using System.Data.OleDb;

namespace CCCAutoEngineering
{
    public partial class FormLogin : Form
    {
        //CREATES A CONNECTION TO THE DATABASE
        private const string conString = @"Provider=Microsoft.ACE.OLEDB.12.0;Data Source = C:/CCC/CCCDB.accdb;";
        readonly OleDbConnection con = new OleDbConnection(conString);
        OleDbCommand cmd;

        FrmMain main = new FrmMain();
        EngineDesc engineDesc = new EngineDesc();
        EngineSpec engineSpec = new EngineSpec();


        public FormLogin()
        {
            InitializeComponent();
        }

        private void BtnCancel_Click(object sender, EventArgs e)
        {
            DialogResult dialogResult = MessageBox.Show("Are you sure you want to leave?","Exit",MessageBoxButtons.YesNo);
            if(dialogResult == DialogResult.Yes)
            {           
                Application.Exit();
            }
        }

        private void BtnLogin_Click(object sender, EventArgs e)
        {
            //SQL STMT
            cmd = new OleDbCommand("select * from Login where Username=@username and Password=@password", con);

            //ADD PARAMS
            cmd.Parameters.AddWithValue("@username", txtuserName.Text);
            cmd.Parameters.AddWithValue("@password", txtPassword.Text);
            con.Open();

            OleDbDataReader dataReader = default(OleDbDataReader);

            dataReader = cmd.ExecuteReader(CommandBehavior.CloseConnection);

            if (string.IsNullOrEmpty(txtuserName.Text))
            {
                MessageBox.Show("Please enter your username");
            }
            else if (string.IsNullOrEmpty(txtPassword.Text))
            {
                MessageBox.Show("Please enter your password");
            }
            else
            {
                while (dataReader.Read() == true)
                {                 
                    lbluser.Text = dataReader["Username"].ToString();
                    lblpwd.Text = dataReader["Password"].ToString();
                    lblLevel.Text = dataReader["Level"].ToString();

                    if (txtuserName.Text.Trim() == lbluser.Text.Trim() || (txtPassword.Text.Trim() == lblpwd.Text.Trim()))
                    {
                        if (lblLevel.Text == "10")
                        {
                            MessageBox.Show("You have successfully logged in");

                            this.Hide();                 

                            main.ShowDialog();

                            this.Close();
                        }
                        else if(lblLevel.Text == "5")
                        {
                            MessageBox.Show("You have successfully logged in");             

                            this.Hide();

                            engineDesc.Disable_controls();
                            engineSpec.Disable_controls();
                            main.Disable_controls();

                            main.ShowDialog();

                            this.Close();
                        }
                    }
                    else
                    {
                        MessageBox.Show("Invalid username and or password!");
                        txtuserName.Clear();
                        txtPassword.Clear();
                        txtuserName.Focus();
                    }   
                }
                dataReader.Close();
                con.Close();
            }          
        }
    }
}

You will notice the Disable_controls() function i am using, this is just a custom function i created, see below: 

public void Disable_controls() {
addToolStripMenuItem.Enabled = false;
updateToolStripMenuItem.Enabled = false;
deleteToolStripMenuItem.Enabled = false;
}

enter image description here

EngineDesc just gets data from the user adds it to a database like the make model of a engine then they can create a detailed folder linked to it which goes to a new form which is enginespec

enter image description here

That one is engine spec

I call these here 

FrmMain main = new FrmMain();
EngineDesc engineDesc = new EngineDesc();
EngineSpec engineSpec = new EngineSpec();
GrahamNorton
  • 121
  • 1
  • 8
  • 1
    What are engineDesc and engineSpec? And why would executing a method against them cause any change in behaviour in `main`? What does `main.Disable_controls();` do? – Andy G Sep 27 '18 at 12:31
  • @AndyG Edited the above. – GrahamNorton Sep 27 '18 at 12:40
  • @AndyG I added images of the forms aswell for engineSpec and engineDesc – GrahamNorton Sep 27 '18 at 12:52
  • 4
    Did you really take photos of your screen instead of a screenshot? – Rand Random Sep 27 '18 at 13:07
  • 1
    So, EngineDesc/EngineSpec are Forms? - When do you call them and open them? - My guess is that you are creating another instance of EngineDesc/EngineSpec where you do not call your method `Disable_controls()` - so either reuse the instances you have made in your `FormLogin` class or call your method on the new instances and drop the instances in `FormLogin` – Rand Random Sep 27 '18 at 13:14
  • And you should give this a try - https://stackoverflow.com/questions/1677528/winform-forms-closing-and-opening-a-new-form or https://stackoverflow.com/questions/5548746/c-sharp-open-a-new-form-then-close-the-current-form/13637531 - your `ShowDialog()` solution isnt really good – Rand Random Sep 27 '18 at 13:21
  • https://stackoverflow.com/questions/49020526/access-2016-users-and-permissions – ashleedawg Sep 27 '18 at 14:07

1 Answers1

0

You can try make a function in your Login Form that return the access level in string. Then call your function in your Main form.

Ex :

Make function in your login form :

public string accessLevel(string lblLevel)
{
   return lblLevel;
}

Then you can call the function in your main form like this :

LoginForm loginForm = new LoginForm();
string accessLevel = loginForm.accessLevel();

if(accessLevel == "10")
{
   //enter your code here
}

Instead of doing all the hardworks on your login form, you can try the validation in the main form instead.

Sorry if I cant came up with better soluton, thanks!

r.h_h
  • 57
  • 7